package com.wxiao.exam.realm;

import com.wxiao.exam.ManagerService;
import com.wxiao.exam.StudentService;
import com.wxiao.exam.TeacherService;
import com.wxiao.exam.pojo.ManagerDO;
import com.wxiao.exam.pojo.StudentDO;
import com.wxiao.exam.pojo.TeacherDO;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

public class UserRealm extends AuthorizingRealm {

    @Autowired
    StudentService studentService;

    @Autowired
    TeacherService teacherService;

    @Autowired
    ManagerService managerService;

    /**
     * 授权
     *
     * @param principalCollection
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return null;
    }

    /**
     * 认证
     *
     * @param authenticationToken
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UsernamePasswordTypeToken token = (UsernamePasswordTypeToken) authenticationToken;
        if (token.getUserType() == UsernamePasswordTypeToken.STUDENT) {
            StudentDO studentByName = studentService.getStudentByName(token.getUsername());
            if (studentByName != null) {
                SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(
                        studentByName, studentByName.getPassword(), getName()
                );
              /*  1. 为什么使用 MD5 盐值加密:
                    　　希望即使两个原始密码相同，加密得到的两个字符串也不同。
                2. 如何做到:
　　                  1). 在 doGetAuthenticationInfo 方法返回值创建 SimpleAuthenticationInfo 对象的时候,
                            需要使用SimpleAuthenticationInfo(principal, credentials, credentialsSalt, realmName) 构造器
　　                  2). 使用 ByteSource.Util.bytes() 来计算盐值.
　　                  3). 盐值需要唯一: 一般使用随机字符串或 user id
　                  　4). 使用 new SimpleHash(hashAlgorithmName, credentials, salt, hashIterations);
                    来计算盐值加密后的密码的值.*/
              // 这里应该加盐使用的是账户名称   账户名称唯一  所以加密加盐后的密码也唯一
                info.setCredentialsSalt(ByteSource.Util.bytes(token.getUsername().getBytes()));
                return info;
            }
        }
        if (token.getUserType() == UsernamePasswordTypeToken.TEACHER) {
            TeacherDO teacher=teacherService.getTeacherByName(token.getUsername());
            if (teacher != null) {
                SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(
                        teacher, teacher.getPassword(), getName()
                );
                info.setCredentialsSalt(ByteSource.Util.bytes(token.getUsername().getBytes()));
                return info;
            }
        }
        if (token.getUserType() == UsernamePasswordTypeToken.ADMIN) {
            ManagerDO manager = managerService.getManagerByName(token.getUsername());
            if (manager != null) {
                SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(
                        manager, manager.getPassword(), getName()
                );
                info.setCredentialsSalt(ByteSource.Util.bytes(token.getUsername().getBytes()));
                return info;
            }
        }
        return null;
    }
}
